<?php

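class Search_Model_Dtljumpshow extends Apm_Model_Base{

    /**
     * Looks up the target room code for a detail-page jump and normalises the
     * accompanying request values.
     *
     * Keys read from $params: 'o', 't', 'k', 'c' and 'UseKbn'. Judging by the
     * variable and column names these are the original room code, shop code,
     * lending classification, company id and usage classification
     * (NOTE(review): inferred from names only, confirm against the caller).
     *
     * Side effect: if any value in $params contains a forbidden sequence, an
     * error message is printed and the script terminates via exit().
     *
     * @param array $params Request parameters (untrusted input).
     * @return array Keys 'strUseKbn', 'strComId', 'strOemCd', plus
     *               'strTgtHeyaCd' when 'o' was supplied (null if no row matched).
     */
    public function getDtljump($params)
    {
        // Security check: stop the request if any value carries a forbidden sequence.
        // The check runs once and its result is reused for the message.
        $strBadChar = (string)$this->CmnF_SecureCheck("all", $params);
        if ($strBadChar !== "")
        {
            // Only the matched token from the fixed deny-list is echoed, never the raw request value.
            print "セキュアチェックエラー 不正文字".$strBadChar; // security check error
            exit();
        }

        // Missing keys default to null, matching what the unguarded reads produced (minus the notice).
        $strOrgHeyaCd     = isset($params['o']) ? $params['o'] : null;
        $strTenpoCd       = isset($params['t']) ? $params['t'] : null;
        $strKashidashiKbn = isset($params['k']) ? $params['k'] : null;
        $strComId         = isset($params['c']) ? $params['c'] : null;
        $strUseKbn        = isset($params['UseKbn']) ? $params['UseKbn'] : null;

        // Must be an array: writing string keys into '' only worked through the
        // implicit string-to-array conversion of old PHP versions.
        $ret = array();

        if ($strOrgHeyaCd) {
            // The values travel as named placeholders, not as SQL text, so the
            // placeholders (not the character deny-list) are what keep request
            // data out of the statement. dbGetData() is defined outside this
            // file; presumably it binds them, confirm.
            $strSQL  = "SELECT T03_HEYA_CD ";
            $strSQL .= "FROM T03WEB_HEYA ";
            $strSQL .= "WHERE T03_ORIGINAL_HEYA_CD01= :OrgHeyaCd ";
            $strSQL .= "AND T03_TENPO_CD= :TenpoCd ";
            $strSQL .= "AND T03_KASHIDASHI_KUBUN= :KaishaKbn ";

            // NOTE(review): values are not type-checked here; an array-valued
            // request parameter whose elements are clean reaches dbGetData() as
            // an array. Confirm that helper rejects non-scalar bind values.
            $db_params = array(
                'OrgHeyaCd' => $strOrgHeyaCd,
                'TenpoCd'   => $strTenpoCd,
                'KaishaKbn' => $strKashidashiKbn,
            );
            $rsSet = $this->dbGetData($strSQL, $db_params);

            // No matching row: keep the key present but null instead of reading a missing offset.
            $ret['strTgtHeyaCd'] = isset($rsSet['T03_HEYA_CD']) ? $rsSet['T03_HEYA_CD'] : null;
        }

        if (empty($strUseKbn)) {
            $strUseKbn = '0';
        }
        $ret['strUseKbn'] = $strUseKbn;

        if (empty($strComId)) {
            $ret['strComId'] = '';
            $ret['strOemCd'] = '9999';	// dummy value
        } else {
            $ret['strComId'] = $strComId;
            $ret['strOemCd'] = '';
        }

        return $ret;
    }

    /**
     * Scans every value in $params for a forbidden character sequence.
     *
     * This is a deny-list filter, so it only catches the sequences listed
     * below; it is a coarse input gate, not a substitute for bound SQL
     * parameters or output escaping.
     *
     * Nested arrays are scanned recursively; other non-scalar values are skipped.
     *
     * @param mixed $value  Not used by the check; kept for interface
     *                      compatibility (getDtljump passes "all").
     * @param array $params Values to inspect (keys are ignored).
     * @return string The first forbidden sequence found, or "" when all values are clean.
     */
    public function CmnF_SecureCheck($value, $params)
    {
        // The apostrophe entry was previously written "\'", which in a
        // double-quoted PHP string is backslash + apostrophe, so a bare
        // apostrophe was never matched. "'" also matches inside "\'".
        $charactor = array("?", "&", "%", ";", "'", "--", "<", ">", "\"");

        if (!is_array($params) && !($params instanceof Traversable)) {
            return "";
        }

        foreach ($params as $val) {
            if (is_array($val)) {
                // e.g. a request parameter sent as name[]=...: inspect the elements too.
                $strNested = (string)$this->CmnF_SecureCheck($value, $val);
                if ($strNested !== "") {
                    return $strNested;
                }
                continue;
            }
            if (!is_scalar($val)) {
                continue;
            }

            $strVal = (string)$val;
            // foreach keeps the scan inside the list (the old "<= count" loop read one element too far).
            foreach ($charactor as $strToken) {
                // Compare against false explicitly: strpos() returns 0 for a
                // match at the very start of the value, and 0 is falsy.
                if (strpos($strVal, $strToken) !== false) {
                    return $strToken;
                }
            }
        }

        return "";
    }

}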
?>
